Programs and data are increasingly replicated among computers that are geographically dispersed. When such computers belong to a single entity or cooperating entities, they are typically interconnected via a wide-area network. For example, large banks have many branches, and computers of those branches are connected to a computer in the central data processing center. Bank account balances are typically stored in bank branches as well as in a central data processing center. Similarly, computers that manage a telephone network often share the same routing tables and programs that compute optimal routing of calls. The common characteristic of such data or programs is that the same copy must be on all computers involved, that the contents must be protected from falling into the wrong hands, and that the rate of change may be high enough so that updating performance is important.
Current means for interconnecting computing elements to form a wide area network vary in their levels of security. Since some of these means are rather insecure, such as the Internet, the common wisdom is that means for insuring security need to be provided. The prevalent practice for exchanging data is to use encryption with some agreed-upon keys between the sender and the receiver. This practice has a number of drawbacks. If the key is only known to human users, then the data must be encrypted and decrypted by hand. This, of course, is extremely inconvenient, prone to errors, and is not very secure, particularly when many sites and people are involved. Alternatively, passwords can be stored in computers, so that encryption and decryption can be done automatically. This, however, involved password management procedures, with other security concerns. For example, computers are powerful enough to break short keys that are long-lived. Therefore, secret keys are typically altered at some regular intervals, and in accordance with a prescribed manner. However, once a key is broken, the interloper can also alter the key is the same prescribed manner.
In addition, the information required to update a dataset is typically much smaller than the new version itself. From this viewpoint, sending entire datasets to replace old versions is burdensome and expensive. In the context of this disclosure, the term "dataset" includes a string of data, a file, a related collection of files (such as the files that comprise a database) and even an unrelated collection of files.
Programs are also increasingly replicated among computers that are geographically dispersed but which do not belong to a single entity or cooperating entities. Those computers are typically not interconnected in a "hardwire" way, but many of these computers are accessible via modems. The most common example of that is programs that are sold by an entity, for example, Microsoft, to a large number of users. This segment of the industry has a need to provide updates of programs, but typically employs other than telecommunication means for providing the updates. Those that do permit the downloading of software are typically not interested in vouching for the integrity of the software and, therefore, do not employ any security measures.
Clearly, a method for secure and efficient remote update of data is desirable.